We performed a comparison between Cloudflare and Imperva DDoS based on real PeerSpot user reviews.
Find out in this report how the two CDN solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It is easier to configure and develop documentation to see how we have configured firewalls."
"Easier http to https redirect using page rules"
"The solution is very good at mitigating threats."
"Centralized, full-featured DNS."
"Cloudflare has many features."
"When using services like Heroku, Cloudflare is very useful for CNAME flattening. I also use it for their end-to-end SSL with TLS authentication on nginx for securing servers."
"The DDoS protection is the most valuable aspect of the solution."
"The solution offers the flexibility to control configuration rules."
"Provides Anti-DDoS protection, as well as other protections like SQL injection, Cross-Site Scripting, and antiscanner. These types of protection are valuable to the business due to the daily attacks on our portals, and that often cannot be seen without a tool like this."
"There is no need to have an appliance in house for the services because it is on the cloud."
"Technical support provides good, quick responses."
"The dashboard is good and user-friendly."
"The most valuable features are DDoS protection."
"Imperva Incapsula has many valuable features. One, it protects the top 10 OWAS vulnerability, the open web application software platform, this is standard. Secondly, it protects against broken authentication. As well, it has remote execution of code."
"There are quite a few useful Imperva Incapsula features. For example, one of them is the reports. The graphics are very good and it's easy to configure. The whole process is very fast and reliable too. They have good tech support as well."
"Real-time monitoring is also a great tool, as you may watch several parameters in real time."
"The solution could work at being less expensive. It costs a lot to use it."
"The reporting can definitely be improved to offer a lot more explanation on something that may have happened or has actually happened."
"It would be beneficial for us if Cloudflare could offer a scrubbing solution. This would involve taking a snapshot of my website and keeping it live during a DDoS attack, ensuring uninterrupted service for our users. DDoS attacks are typically short in duration, and having Cloudflare maintain the site's availability from its secure network would enhance the overall user experience. I would appreciate it if Cloudflare could consider implementing this feature. Many organizations already utilize similar capabilities in their CDN platforms, where a static snapshot of the web page is displayed during DDoS attacks. In terms of features, Cloudflare needs to enhance its resilience and stay more focused on adopting new technologies. For instance, solutions like F5 XC Box, Access Solution, and Distributed Cloud Solution have impressive features, and Cloudflare should strive to match and exceed those capabilities. There's a need for improvement in areas like AI-based DDoS attacks and Layer 7 WAF features. Cloudflare should prioritize enhancements in areas such as behavioral DDoS and protection against SQL injection attacks, considering the prevalent trend of public exposure to the internet for business reasons. Overall, Cloudflare needs to invest more in advancing its feature set."
"If they improve on the placement of their data centers, it would be better. I'm living in a remote area. I would like to connect to them without any kind of lag."
"Cloudflare does not have an on-premise solution. If they had different approaches they could be better suited to accommodate more customers, such as on-premise and hybrid deployments. For example, hybrid deployments would be useful where you could move the traffic from the enterprise to the cloud."
"Latencies are always a problem."
"Cloudflare's console should be made more user-friendly."
"One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country."
"It needs to be improved every time there are new attacks."
"Some maintenance must be performed by our IT team."
"Incapsula services also provides load balancing services for their service IP address environment. So far, with monitoring their services, the IP address was only changed once."
"The log analytics interface within Incapsula isn't really good. For example, if you have to get all logs from there, it's a very cumbersome process."
"We would like them to hire people in Sweden because it's quite hard when people are sitting in the UK or Belgium because some of the customers really want them to be local."
"A limited tool if you're looking to customize."
"I would like to have support for SSL management and secure DNS."
"The salespeople tend to exaggerate its capabilities, which can cost you money if you don't verify the information."
Cloudflare is ranked 1st in CDN with 55 reviews while Imperva DDoS is ranked 5th in CDN with 74 reviews. Cloudflare is rated 8.4, while Imperva DDoS is rated 8.8. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, the top reviewer of Imperva DDoS writes "I like the content monitoring feature which I haven't seen in other WAF solutions". Cloudflare is most compared with Akamai, Azure Front Door, Microsoft Azure Application Gateway, AWS Shield and Arbor DDoS, whereas Imperva DDoS is most compared with Akamai, Arbor DDoS, Radware DefensePro, AWS WAF and Imperva Web Application Firewall. See our Cloudflare vs. Imperva DDoS report.
See our list of best CDN vendors and best Distributed Denial of Service (DDOS) Protection vendors.
We monitor all CDN reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.